Double DIKU talk with Thomas Jensen and John Reppy
Web security and hybrid information flow analysis
Motivated by the problem of stateless web tracking (fingerprinting), I will review analysis techniques for detecting illicit flow of information in web applications. I will then present a novel approach to hybrid information flow monitoring that mixes static and dynamic analysis. The approach is based on a generic hybrid monitor parametrised by a static analysis. Several hybrid monitors including those based on well-known hybrid techniques for information flow control can be formalised as instances of this generic hybrid monitor. I will then briefly discuss techniques for enforcing information flow policies based on browser randomization.
Thomas Jensen is Directeur de recherche at INRIA and leader of the research group Celtique at INRIA Rennes.
His area of research is semantics-based program analysis and software security. He has made contributions to the foundations of static program analysis, the relationship between types and abstract interpretation, certification of static analyses and analysis of Java. He has been involved in several industrial technology transfers around Java smart cards, the most recent of which is a tool for the automated certification of Java Card applications against NFC industry norms for secure programming.
In 2015-2016 Thomas is visiting professor at the Department of Computer Science, Univ. of Copenhagen.
Diderot: A Parallel Domain-Specific Language for Image Analysis and Visualization
The analysis of structure in three-dimensional images is increasingly valuable for biomedical research and computational science. At the same time, the computational burden of processing images is increasing as devices produce images of higher resolution (e.g., typical CT scans have gone from 128^3 to roughly 512^3 resolutions). With the latest scanning technologies, it is also more common for the the values measured at each sample to be multi-dimensional rather than a single scalar, which further complicates implementing mathematically correct methods.
Diderot is a domain-specific language (DSL) for programming advanced 3D image visualization and analysis algorithms. These algorithms, such as volume rendering, fiber tractography, and particle systems, are naturally defined as computations over continuous tensor fields that are reconstructed from the discrete image data. Diderot combines a high-level mathematical programming notation based on tensor calculus with an abstract bulk-synchronous parallelism model. Diderot is designed to both enable rapid prototyping of new image analysis algorithms and high performance on a range of parallel platforms.
In this talk, I will give an overview of the design of Diderot and examples of its use. I will then describe aspects of its implementation.
Diderot is joint work with Gordon Kindlmann, Charisee Chiw, Lamont Samuels, and Nick Seltzer.
John Reppy is a Professor of Computer Science and a Senior Fellow of the Computation Institute at the University of Chicago. He received his Ph.D. from Cornell University in 1992 and spent the first eleven years of his career at Bell Labs in Murray Hill NJ. He has been exploring issues in language design and implementation since the late 1980's, with a focus on higher-order, typed, functional languages. His work includes the invention of Concurrent ML and work on combining object-oriented and functional language features. His current research is on high-level languages for parallel programming, including the Diderot, Manticore, and Nessie projects.
John Reppy will be a VELUX visiting Professor at DIKU from June 15th to August 15th.